Slashdot Mirror
Firefox 44 Arrives With Push Notifications (mozilla.org)
An anonymous reader writes: Mozilla today launched Firefox 44 for Windows, Mac, Linux, and Android. Notable additions to the browser include push notifications, the removal of RC4 encryption, and new powerful developer tools. Mozilla made three promises for push notifications: "1. To prevent cross-site correlations, every website receives a different, anonymous Web Push identifier for your browser. 2. To thwart eavesdropping, payloads are encrypted to a public / private keypair held only by your browser. 3. Firefox only connects to the Push Service if you have an active Web Push subscription. This could be to a website, or to a browser feature like Firefox Hello or Firefox Sync." Here are the full changelogs: Desktop and Android.
Who has a list of which configuration options I need to go into about:config and disable this time?
"BSD: Free as in speech. Linux: Free as in beer. Windows 10: Free as in herpes." --Man On Pink Corner in #52607549.
"a website could notify you when something important happened, even if you [don’t] have the site open"
Cool!
Is RSS dead now, like web onthologies?
NB: The message above might reflect my opinion right now, but not necessarily tomorrow or next year.
This version is also the first to require signed extensions with no way to:
1) Disable the signature check at all
2) Use any signature other than Mozilla's
3) Install a extension built and packaged by your distribution repository (unless Mozilla signs each build)
4) Forcefully install a extension that you built yourself
I don't understand why Mozilla gets away with this type of hidden DRM. At least in Secure Boot you could enroll your own signatures.
Here, the only option you have is to switch to an unbranded fork of Firefox.
Good for you.
Firefox 45 arrives with pull notifications.
A website registers a Service Worker with the browser. Service Workers are small JavaScript programs with super powers like intercepting network requests or running even when their parent website is closed.
What could possibly go wrong?
Add a compile-time option that gets rid of ALL this crap. Even the extensions. Tabs can stay. Then release this as a Firefox-slim. I'd use it.
To assist law enforcement by fingerprinting your browser payloads are encrypted to a public / private keypair held only by your browser
FTFY.
~ People that think they are better than anyone else for any reason are the cause of all the strife in the world.
Yeah, to keep your antivirus and ad blockers out of the way.
Oh well, at least there's still Netscape.
“He’s not deformed, he’s just drunk!”
"Installation of unsigned extensions will still be possible on Nightly and Developer Edition, as well as special, unbranded builds of Release and Beta that will be available mainly for developers testing their extensions."
Is this not the case?
Here, the only option you have is to switch to an unbranded fork of Firefox.
Oh... it IS the case; but you made it sound like a FORK; when its really a proper release channel for developers.
At this point you sound like someone whining that the LTS release doesn't have the cutting edge features you want.
That said, the problem with your options 1, 2, & 4 (especially on a platform like Windows) is that if you can do those things, then so can malware so they don't offer much protection in the end.
Having you pro-actively select to install a separate build that enables it, really probably is the best solution that works for the least literate users and the most literate.
I agree that I'd like to be able to manage the certs in the mainstream build... but I'm not sure doing so would solve the problem they are trying to solve, especially with how Firefox uses its own certificate store.
Awesome! More shit nobody wanted! Thanks Mozilla!
Safari started doing this and yes you can turn off this feature but I have found when you do that you lose some page information with some sites? But for me I simply am tired of devices thinking every single app, program, web site I use needs to promptly inform me of stuff through a notification. I guess some people have that need for instant information but I am not one of them. Too me notifications are like someone tapping on you when you talking to someone else. To me the notification ideal is intrusive and should not be on by default with anything. Which is my problem with apps on my iPhone. They all seem to think I like getting these notifications.
Who has a list of which configuration options I need to go into about:config and disable this time?
You must be an old timer!
Programs are configurable! Just go through all the apps and programs that you use on a daily basis and change whatever you want to make the system work to your liking.
All these features are easy to change, and learning a mere handful of methods will get you anywhere you want to go.
1) Go to about.config, click on the "I understand", type in "this.obscure.value", double click it to change value. The "this.obscure.value" is named in a transparent, easily understandable way such as "browser.cache.disk.smart_size.enabled". This enables the "smart size" feature of the caching system. It's obvious what it does, because it's name says it all.
2) Go to start->run->regedit, navigate to "this obscure value", type in "add new value" in DWORD format and set it's value to 1. For instance, to disable the new volume control and go back to the old style, just navigate to HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion, create a new key MTCUVC, create a new DWORD EnableMtcUvc, and set its value to 0.
Only old folks think that's not simple, and I don't for the life of me know why!
3) Pick a random number, put "KB" in front of it, and do what's described there. For example, KB3035583 tells you how Microsoft has helpfully introduced "additional capabilities for Windows Update notifications when new updates are available to the user". It's just telling you how Windows 10 is now available. If you want to customize this behaviour, you can use task manager to stop the GWX.exe process. Or, you can go to programs and then click or tap on View installed updates, then scroll down until you see the KB3035583 update, select it, press "uninstall", and then confirm that you want to uninstall it.
Nothing could be simpler, I just *don't get* where these old folks are coming from!
4) Changing things in linux it's even easier! Just go to /etc as root and vi "some-random-file", and change the configuration manually. It's easy to do, because all the configuration files are in one place! For example, remote disks are called "shares", and the process that manages this is called samba, and the file to edit is thus /etc/samba/smb.conf.
What could be easier? The .conf ending lets you know that it's a configuration file!
If you don't know how to use vi, simply type "man vi" and you'll find all the information you need!
Really, I don't understand why old folks don't understand these things - everything is so simple!
Of course, all you have to do to fix that is replace one line of code with
if (true)
Don't waste your vote! Vote for whoever you want, unless you live in a swing state it won't matter anyways
Oh... it IS the case; but you made it sound like a FORK; when its really a proper release channel for developers.
Is that what Ubuntu users are called now?
"I don't know, therefore Aliens" Wafflebox1
https://en.wikipedia.org/wiki/PointCast_(dotcom)
I worked for them a couple of years, and made-out pretty well with the stock because of the eventual sell to AOL.
At this point you sound like someone whining that the LTS release doesn't have the cutting edge features you want.
Sounds to me like he's "whining" about an LTS that has added overly restrictive features that he doesn't want.
Do you call it "whining" when you do it, or is it only for other people?
Is that what Ubuntu users are called now?
Only if they want to get their Mozilla Firefox extensions from a source *other* than Mozilla; or did I miss something?
Because if not, that's the end for me and Firefox.
let someone know they're being Pushed out the door for not toeing the party line on some Social Justice issue unrelated to javascript compiler speed? Cause Mozilla clearly already had that feature
Hire a Linux system administrator, systems engineer,
Sounds to me like he's "whining" about an LTS that has added overly restrictive features that he doesn't want.
Not really. If it really was a distinction between rolling and LTS then I'd see a problem. But its really two different rolling releases, once aimed to be safe as possible for neophytes and one with fewer restrictions and more options to hang yourself. He's on the safety release now, but wants to do more advanced stuff... which is fine. He can switch to one of the more advanced releases... but he apparent doesn't want to for no reason given.
Further, he wants the rolling release software that he's currently using to stay the same, and not do exactly what it announced it would do nearly a year ago.
Yeah, that sounds like whining.
Do you call it "whining" when you do it, or is it only for other people?
Don't worry, you people call me out on it when I whine too.
And now, if we want to do something revolutionary with an Extension that they haven't foreseen, well, too bad. You need their permission which some negative nancy will refuse to grant because "powerful".
Peter predicted that you would "deliberately forget" creation 2000 years ago...
did I miss something?
I think so, since "build from source" is what Linux distros do.
"I don't know, therefore Aliens" Wafflebox1
I think so, since "build from source" is what Linux distros do.
Then what is the problem? Have the distro modify the source going into the repo to remove any non-OSS friendly stuff... isn't that what iceweasel is?
Another firefox version released.... does anyone give a crap?... nobody needs to read firefox's changelog on slashdot's front page.... come on mods!!!!
I'm confused. We are delaying the removal of this preference to Firefox 46
If you haven't already, rather than messing around with settings and installing extensions, just drop it. Uninstall and don't look back. There are other browsers.
Have the distro modify the source going into the repo to remove any non-OSS friendly stuff
They already only distribute OSS extensions.
"I don't know, therefore Aliens" Wafflebox1
Give Pottering a week and we'll have some spaghetti code that does the same thing in kernel.
Only the State obtains its revenue by coercion. - Murray Rothbard
Because the alternative is easy malware installs?
Cool your jets, AC. Mozilla pushed removing the signed extension toggle back to Firefox 46. https://blog.mozilla.org/addons/2016/01/22/add-on-signing-update/
So you'll have a least until next week before you lose the ability to run unsigned extensions. :p
So based on last month's stats, Firefox is down to about 7% of the browser market. That's across all versions, on all desktop and mobile (where Firefox for Android has a massive 0.05% of the market) platforms.
At this point, Firefox as a whole is nearly below iOS Safari 9.2, IE 11, and UC Browser for Android. It almost has fewer users than Opera Mini, even! Hell, even Chrome 46 still has almost as many users as Firefox has in total, and Chrome is up to version 48 now!
It's now clear that Firefox 44 introduces a lot of shit that users just don't want, and there's a lot more dumb shit in the pipeline, too.
Based on this, I'm going to make a prediction: Firefox will be at or under 2% of the market by the end of 2016.
So many of Firefox's changes only serve to drive users away to other browsers, and I don't see anything suggesting that they'll start listening to their few remaining users any time soon. Rust and Servo are total dead ends at this point, so we can't count on them to save Firefox.
Once Firefox hits such a low single-digit share of the market, it's likely that Mozilla will be considered completely irrelevant. This is bad for the web, of course, since it cements the WebKit/Blink monoculture.
Web push is already easily handled through WebSockets. I wrote a couple applications that are able to handle hundreds of random notifications per second coming from a server. Works with Chrome, Firefox and even IE. Older versions of IE require a polyfill but even that works great.
That was the turning point of my life--I went from negative zero to positive zero.
Firefox is really pissing me off anyway, mine keeps loosing the spellcheck. I've gone through all the troubleshooting steps, checked the language packs are installed, and yet often the "Check Spelling" disappears and instead "Add a dictionary" shows up.
Bury it in an unmarked grave.
It died at version 42.
Mourn and get over it.
You do know that you don't have to use Gnome or systemd in Linux right?
Also if you're using FreeBSD you can compile Pale Moon yourself. If you're using a Mac, well then you've already made your bed and you can use whatever Apple is offering.
Oh look, it's Netscape Netcaster all over again. This time it really is the future guys.
Does anyone know if security.tls.insecure_fallback_hosts is now deprecated? I have an old device that will never get its SSL certificates reissued and I cannot create a new certificate with better algorithms. I use an old portable version of Firefox that I use to sometimes login. I noticed with Firefox 44 if I now go to the IP address, which I have added in the above preference name, I am greeted with the Advanced button and expanding it gives me a link to "(Not secure) try loading 'ip address' using outdated security." If I click on it it does nothing and gives redirects back to the "Your connection is not secure" page.
The latest version of ssh allows one to whitelist hosts with deprecated encryption so I have access that way, too. It would be nice to not have Firefox 44 and another just to access this device.
Lol
That doesn't really fix any of the problems with signing.
That's nonsense. Firefox ESR is not a solution.
The problems include:
1. The most recent ESR is based on Firefox 38. This version includes Australis and a bunch of other shitty, unwanted changes. So for many users it's no good to begin with.
2. These releases are only updated for about a year. So even if there were a good version, you're pretty much fucked after a year.
3. The acronym makes some people vomit, because it reminds them of Eric S. Raymond.
The only sensible thing to do is to use Chrome, or maybe IE 11 or Edge if you're on Windows. Yes, that's right, even IE and its descendants are a better option than Firefox is!
Although Chrome gives you the same experience today that you'll eventually get six months from now from Firefox, Chrome manages to perform much better.
Chrome gives you a shitty experience, but at least it's not a slow and shitty experience like Firefox gives you.
This version is also the first to require signed extensions with no way to:
1) Disable the signature check at all
That is incorrect. They pushed it back again to FF46.
But more generally, I agree it is total bullshit. And what's worse is that the answer is super fucking easy. All they need to do is let the user specify a white-list of extensions that do not need signatures. Require that the white-list be kept in an admin-only writeable location, like the system-wide firefox install directory where there is already some config data. If an attacker can write to admin-only files then the whole system is already compromised anyway.
Instead they want you to use an entirely different 'unbranded' build of firefox which just means that people won't be able to get the automatic firefox updates which will result in older, more exploitable versions of firefox persisting on users' systems. So drastically less security for anyone even slightly out of the ordinary.
Dumb all around on this from Mozilla.
I hate you so much.
Why do we let things stay this way?
You are full of it...
I mean, with Gnome you talk about about desktop Linux and that has benefited from systemd.
I support your dislike of Gnome (2, 3, x), that's why there is KDE, XFE etc.
Oh yes, and I needed to undo a wrong moderation.
"The likes of Facebook and WhatsApp are free to those whose privacy is of zero value."
Yet, mind bogglingly enough it is still way simpler than trying to fix windows registry. Mind you fuck up about:config and the browser stops working, Windows registry fucks itself up and you computer stops working. Want to keep a computer working, always dual boot and that way you can boot to Linux to fix your gaming and browsing machine. I have managed to keep windows 7 going since getting this computer without a reinstall by that very method. Damn being able to edit a text file makes like so much easier when it comes to fixing a broken OS or broken program. Having to reinstall a program or and entire OS and every program you have because you couldn't edit a text file is fucking nuts. One five minute edit versus hours and hours of reinstall, oh, yeah that edit is so very, very hard.
Chaos - everything, everywhere, everywhen
I searched about:config for 'push' Changed a few values from true to false, and buggered up the Mozilla push URL. Has crashed yet. Only time will tell
My reaction (sent to Mozilla) to the inclusion of the Amazon plug-in:
[Firefox has made me] very, VERY sad indeed. Amazon? Why don't you just shoot my privacy in the head? It would be a kinder solution. More to the point, sucking up to Amazon is NOT going to fix your terrible financial model. Amazon does NOT share any of Mozilla's laudable goals, but "partnering" with those vicious privacy-destroying monsters will destroy you, too. How can ANYONE possibly trust an Amazon partner? Amazon will share a few pennies with you--but Amazon will laugh when you go bankrupt anyway.
Now I've suggested an alternative business model of project-oriented charity shares. I'm already getting blue in the face from repeating that solution, but you are ABSOLUTELY NOT offering a better alternative. Amazon is EVIL, and now I regard Firefox as EVIL, too. My chief regret is that there are no alternatives that are significantly less evil--and it always comes back to stupid financial models.
Longer version with more about the alternative financial model I favor: https://ello.co/shanen0/post/8...
Freedom = (Meaningful - Coerced) Choice != (Speech | Beer^2), and sad sock puppets' bad mods avail them naught.
Where can I borrow a cup of mod points? This post deserves more on several dimensions...
Freedom = (Meaningful - Coerced) Choice != (Speech | Beer^2), and sad sock puppets' bad mods avail them naught.
Yet another set of features nobody asked for. How about working for some stuff that matter to your users for the next version?
More stability anyone? I'm having 2-3 crashes on a daily basis on Mac. I'm sick of it.
Rehaulling of tab groups? A lot of user depend on this and complained about the plans to scrap the feature. And the devs were like: "Meeeh... Too much work. Let's just kill it."
Firefox "extended" releases last a few minutes longer than standard ones (which last a few nanoseconds).
When did software releases start competing with subatomic particles for longevity?
Because the alternative is easy malware installs?
Careful, your cluelessness is showing. If someone's computer is compromised a rogue browser extension is the least of their worries.
"What do you despise? By this are you truly known." --Princess Irulan, Manual of Muad'Dib
/)
How do Push notifications work? Do they connect to an open port or something? I see Firefox seems to have a connection to some mozilla site, but does push gmail in android work the same way? Does it just move polling to some central URL or does it have an incoming port open?
You must be an old timer!
Only old folks think that's not simple, and I don't for the life of me know why!
Nothing could be simpler, I just *don't get* where these old folks are coming from!
Really, I don't understand why old folks don't understand these things - everything is so simple!
There is a fine line between being funny and being an ASSHOLE and you definitely are not funny.
My first computer course was at Rice University, programming PL/1 on an IBM mainframe with punch cards. I programmed COBOL and FORTRAN on VMS on a VAX at the University of Houston. I used UNIX before Torvalds ever thought of making Linux.
I used OS/2 Warp when everybody was suffering through Windows 95. I started using Linux when IBM killed off OS/2. I ran WebCT on Solaris for over 6,000 professors and students at Texas A&M University Kingsville.
And that is just stuff over 8 years ago. At Rackspace I spent 5 years supporting Managed Linux customers then 3 years in Operations supporting the engineers working on their cloud infrastructure.
I have probably forgotten more about computers than you will ever know in your entire life.
Maybe you would not have to attempt to be funny and people would actually listen to your ravings if you knew how to keep your shitty little website online: http://www.okianwarrior.com/
Just another sign that Slashdot has jumped the shark sign since only ASSHOLES like you seem to come to Slashdot these days.
LOL the worst part is that you are probably just another hipster wannabee who thinks that running a Mac makes you cool!
A man who wants nothing is invincible
BLOAT BLOAT BLOAT (feature creeeep) BBlooaaatTTT
Yes, you are confused. Delaying something instead of cancelling it means I know before it pissed me off. Posted via chrome.
And chrome sucks for dashslot, so I'm not real happy about it either.
Says the totally unfunny asshole post.
Don't need it and don't want it. The devs at mozilla need a reality check. They're constantly removing useful functionality and features included since firefox's early days that users have become accustomed to justifying the changes by saying they're 'unuses', 'cause stability probldms', 'unmaintainable', etc. Then, while they do that they add features that are even less useful and create new problems. This push bs should have been added as an add-on for the users who want it and not added to firefox itself and forced on everyone. The firefox devs have again proven themselves hypocrites.
The mozilla devs have destroyed firefox. Citing 'stability', 'maintainability', 'unused features', etc. they have removed most of what firefox was known for and reduced it to a chrome knockoff. The new firefox is pathetically crippled, lacks a decent interface and configuration options, and looks out of place in the major linux desktop environments. Push notifications should have been implemented as an add-on for those who want it and not implemented in such a way as to create new problems for users who don't want it.
4) no troll is complete without mentioning systemd has replaced much of traditional configuration :)
whoosh
I mean you could compile it on OS X too, you'd probably need to patch it a little bit. Once you get into the world of homebrew you'll find OS X isn't as locked down as you like to believe.
Just disable it in the browser, yo say? Not since I stopped trusting Firefox.
This.
Besides, isn't the definition of malware something that prevents the owner of the computer from being in control of what the computer does? Such as preventing him from installing the extensions he needs.
Those using FreeBSD basically have to use Chrome
Google doesn't ship Chrome for FreeBSD. Chromium is in packages, but Chrome and Chromium are not the same thing - Chrome includes things like the Netflix DRM. Updates to the Chromium port also take a while because Google refuses to accept patches for FreeBSD (closing the submitted issues as 'FreeBSD is not a supported platform') and so the port needs to maintain a large set of patches.
I am TheRaven on Soylent News
Except nobody is forcing you to use Gnome or Systemd in Linux. Let's see how long you can stay with Windows 7 or how easy it is to switch your GUI and good luck browsing the Source Code...
I learned more from this than I actually care to admit.
You are doing it wrong. The registry is just a database of settings, a simple hierarchy. It stores access control information too, on a much finer grained level than Linux allows. On Linux you have simple file permissions, and that's it.
The registry is periodically backed up. If you someone screw it up, which with the default permissions is hard to do, you can just revert back to an older version. Windows can do this automatically most of the time, or you can do it manually by booting the install media, going into a recovery command line and simply copying the backup files over.
If you aren't doing something similar on Linux, you are also doing that wrong. Before editing critical configuration files that could stop the system booting, you should make a backup copy. Who wants to rebuild a long, complex config file from scratch?
It's also worth noting that there is nothing stopping apps using text files for configuration on Windows. In fact, it's officially supported and encouraged.
const int one = 65536; (Silvermoon, Texture.cs)
SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
None of this matters anyway since if you have the gall to open up 3 tabs, it will happily eat up 99.999999999% of your system memory, (like it always has, no matter what settings you make in about:config) making it impossible to any other work.
Backend POSTs to you!
Not that you've ever browsed any of the source code in Linux but, if you're willing to sign an NDA and provide a reason (I've used "I'm curious" as a reason) then you can see Windows source code, at least quite a bit of it. It's called the Shares Source Initiative. It has been a policy for like ten years now - maybe longer.
You can use Google to find it. Or Bing, I suppose. Just search for Microsoft Shared Source Initiative. Hell, I use Lubuntu and I know this. So, you've got good luck browsing the source code - if you actually want to, could make up a reason, and took the few seconds to use a search engine.
I'm not sure what benefit you'd actually, personally, gain from browsing the source code. That's not really the benefit from free software. The benefit isn't so much that you can browse, but that you can change, fix, and edit the source code. You can not do that with Windows, however. Well, if you're big and powerful enough then they might let you or will do so on your behalf. But not so for you. For example, Windows XP is still being quietly maintained and updated - just not for you. The US Navy pays Microsoft, not a whole lot actually, to provide continued support for Windows XP.
At any rate, if browsing the source code on Windows 7 is your goal, make up a good reason and check out the shared source initiative. You can browse quite a bit.
"So long and thanks for all the fish."
It's not a matter of how locked down OS X is, it's a matter of how limited Mac users' abilities are. People buy Apple because they don't understand technology.